Checkmarx.API
5.1.0
dotnet add package Checkmarx.API --version 5.1.0
NuGet\Install-Package Checkmarx.API -Version 5.1.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Checkmarx.API" Version="5.1.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Checkmarx.API --version 5.1.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Checkmarx.API, 5.1.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Checkmarx.API as a Cake Addin
#addin nuget:?package=Checkmarx.API&version=5.1.0
// Install Checkmarx.API as a Cake Tool
#tool nuget:?package=Checkmarx.API&version=5.1.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Checkmarx.API
The goal of this project is to provide an API Wrapper for the Checkmarx SAST (REST, SOAP and OData API) for .NET Core to works in a transparent way between the different the Checkmarx versions (8.9 or Higher)
It currently already supports the Checkmarx SCA (Software Composition Analysis),
Future Support: (Access Control & IAST) support.
Running the Unit Tests
Before running the unit tests please make sure to configure the needed credentials using the Safe storage of app secrets in development in ASP.NET Core
How to use the SDK
Connection to SAST or SCA
A CxClient provider access to SAST and an SCAClient provides access to SCA:
// create a SAST client to interact with SAST/OSA and the Access Control (AC)
CxClient sastClient = new CxClient(new Uri("https://sast.server.com"),
"my_user",
"mypassword");
// create a SCA client to interact with SCA and the Access Control (AC)
CxClient scaClient = new SCAClient(Tenant, Username, Password);
Check the version of Checkmarx Product
Console.WriteLine(sastClient.Version);
Check the version of Checkmarx Product without authentication
Console.WriteLine(CxClient.GetVersionWithoutConnecting("https://sastserver"));
Get the Access Control from SAST
AccessControlClient accessControlClient = sastClient.AC;
Get the Access Control from SCA
AccessControlClient accessControlClient = scaClient.AC;
SAST (Security Application Security Testing)
Check the Checkmarx.API.Tests.CxClientUnitTests.cs for a lot of code snippets on how to use the API.
List projects
foreach (var item in sastClient.GetProjects())
{
Trace.WriteLine(item.Value);
}
Create Project
sastClient.SASTClient.ProjectsManagement_PostByprojectAsync(new SaveProjectDto {
IsPublic = true,
Name = "ProjectName",
OwningTeam = "34"
}).Wait();
Branch Project
sastClient.SASTClient.BranchProjects_BranchByidprojectAsync(123, new BranchProjectDto
{
Name = "New Branch Name"
}).Wait();
Run Scan
client.RunSASTScan(projectId, null, true, sourceCodeZipFile);
Presets
Reports
SCA (Software Compostion Analysis)
Check the Checkmarx.API.Tests.SCAClientUnitTests.cs for a lot of code snippets on how to use the API.
List projects
foreach (var project in scaClient.ClientSCA.GetProjectsAsync().Result)
{
Console.WriteLine(project.Id + " " + project.Name);
}
Create Project
var scaProject = scaClient.ClientSCA.CreateProjectAsync(new API.SCA.CreateProject
{
Name = scaProjectName,
AssignedTeams = new string[] { teamFullPath }
}).Result;
Trigger Scan with Zip Source Code
scaClient.ScanWithSourceCode(scaProject.Id, zipPath);
Access Control API
Get/List All Users
foreach (var user in accessControlClient.GetAllUsersDetailsAsync().Result)
{
Console.WriteLine(user.Email + string.Join(";", user.TeamIds.Select(x => teamsx].FullName)) +" " user.LastLoginDate);
foreach (var role in user.RoleIds.Select(x => roles[x].Name))
{
Console.WriteLine("+ " + role);
}
}
Create a new user
ICollection<int> cxTamRoles = new int[] {
accessControlClient.RolesAllAsync().Result.First(x => x.Name == "SAST Admin").Id
};
ICollection<int> cxTeamIds = new int[] {
accessControlClient.TeamsAllAsync().Result.First(x => x.FullName == "/CxServer").Id
};
int localeID = accessControlClient.SystemLocalesAsync().Result.First(x => x.Code == "enUS").Id;
CreateUserModel user = new CreateUserModel
{
FirstName = "firstname",
LastName = "lastname",
UserName = "email@checkmarx.com",
Email = "email@checkmarx.com",
Password = "******",
ExpirationDate = DateTimeOffset.UtcNow + TimeSpan.FromDays(1000),
Active = true,
Country = "Portugal",
JobTitle = "The World Greatest",
AuthenticationProviderId = accessControlClient.AuthenticationProvidersAsyn().Result.First(X =>X.Name == "Application").Id, // Application User
LocaleId = localeID,
RoleIds = cxTamRoles,
TeamIds = cxTeamIds,
};
accessControlClient.CreatesNewUser(user).Wait();
Get/List Teams
foreach (var item in accessControlClient.TeamsAllAsync().Result)
{
Console.WriteLine($"{item.Id} = {item.FullName}");
}
Get or Create Team
scaClient.AC.GetOrCreateTeam(teamFullPath);
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- Capri (>= 0.0.1)
- Checkmarx.API.AccessControl (>= 2.1.0)
- Checkmarx.API.SCA (>= 3.2.0)
- Microsoft.Data.OData (>= 5.8.5)
- Microsoft.Extensions.Configuration.UserSecrets (>= 8.0.0)
- Microsoft.OData.Client (>= 7.20.0)
- Microsoft.OData.Core (>= 7.20.0)
- Microsoft.OData.Edm (>= 7.20.0)
- Microsoft.Spatial (>= 7.20.0)
- Newtonsoft.Json (>= 13.0.3)
- System.ComponentModel.Annotations (>= 5.0.0)
- System.IdentityModel.Tokens.Jwt (>= 7.4.0)
- System.ServiceModel.Duplex (>= 6.0.0)
- System.ServiceModel.Http (>= 8.0.0)
- System.ServiceModel.NetTcp (>= 8.0.0)
- System.ServiceModel.Security (>= 6.0.0)
- System.Text.Json (>= 8.0.2)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 5.1.0 | 92 | 3/22/2024 |
| 5.0.0 | 101 | 3/1/2024 |
| 4.0.0 | 126 | 1/27/2024 |
| 3.6.0 | 158 | 8/18/2023 |
| 3.5.0 | 162 | 7/10/2023 |
| 3.4.0 | 338 | 11/17/2022 |
| 3.3.0 | 329 | 11/2/2022 |
| 3.2.0 | 387 | 10/19/2022 |
| 3.1.0 | 367 | 10/19/2022 |
| 3.0.0 | 376 | 10/19/2022 |
| 2.9.0 | 367 | 10/6/2022 |
| 2.8.0 | 321 | 10/5/2022 |
| 2.7.0 | 400 | 8/16/2022 |
| 2.6.1 | 440 | 4/16/2022 |
| 2.5.0 | 386 | 3/24/2022 |
| 2.4.0 | 388 | 3/24/2022 |
| 2.3.0 | 324 | 1/2/2022 |
| 2.2.0 | 251 | 1/2/2022 |
| 2.1.0 | 3,520 | 11/25/2021 |
| 2.0.0 | 367 | 11/5/2021 |
| 1.6.0 | 352 | 11/5/2021 |
| 1.5.0 | 349 | 8/27/2021 |
| 1.0.0 | 360 | 7/25/2021 |
| 0.1.1 | 361 | 1/25/2021 |
| 0.1.0 | 322 | 1/25/2021 |